Qlik uses an administrative account to connect to SAP and run the extracts (SQL , BAPI ,Queries etc...)

Then in QLIK you can secured the data model with SECTION ACCESS which is equivalent of creating a data filter and data column table with a userid/group field and a data key that will join the table to your qlik model. This gives you row and column security in the data model.

The reason why qlik does this because the script is giving you ETL capabilities and the ability to integrate multiple SAP data sets or multiple SAP and non-SAP data sets together that don't exist anywhere else and need a novel or adjusted security layer.

The section access table can be pulled from any authorization table from any source including SAP. So if you have an auth table in SAP , you can pull the table into QLIK , tranform to a qlik style table and that would be updated every time the dashboard reloads keeping the data and security synchronized.